Stuart Pearson

**Name of the Vulnerable Software and Affected Versions** Microsoft Outlook versions 2000 through 2003 **Description** A buffer overflow issue exists in the Advanced Search feature of Microsoft Outlook, allowing remote attackers to execute arbitrary code via a crafted Outlook Saved Searches (OSS) file. This triggers memory corruption when the file is parsed by Outlook. **Recommendations** For Microsoft Outlook versions 2000 through 2003, consider disabling the Advanced Search feature until a patch is available. Restrict access to .oss files to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Microsoft Publisher versions 2000 through 2003 Description: A stack-based buffer overflow issue allows user-assisted remote attackers to execute arbitrary code via a crafted PUB file, which causes an overflow when parsing fonts. This is related to a remote code execution issue that occurs when Publisher parses a file with a malformed string. Recommendations: For Microsoft Publisher versions 2000 through 2003, consider avoiding the use of crafted PUB files until a patch is available. As a temporary workaround, restrict the parsing of fonts from untrusted sources to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Adobe Flash Player versions 8.0.24.0 and earlier Adobe Flash Professional version 8 Adobe Flash MX 2004 Adobe Flex version 1.5 **Description** A buffer overflow issue allows user-assisted remote attackers to execute arbitrary code via a long, dynamically created string in a SWF movie. **Recommendations** For Adobe Flash Player versions 8.0.24.0 and earlier, update to a version later than 8.0.24.0 to resolve the issue. For Adobe Flash Professional version 8, consider disabling the creation of dynamically created strings in SWF movies until a patch is available. For Adobe Flash MX 2004, restrict the use of long strings in SWF movies to minimize the risk of exploitation. For Adobe Flex version 1.5, avoid using dynamically created strings in SWF movies until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Adobe Flash Player versions prior to 9.0.16.0 **Description** The issue allows user-assisted remote attackers to bypass the allowScriptAccess protection. **Recommendations** For versions prior to 9.0.16.0, update to version 9.0.16.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Microsoft Excel (affected versions not specified) **Description** The issue allows user-assisted attackers to execute arbitrary javascript and redirect users to arbitrary sites. This is achieved via an Excel spreadsheet that contains an embedded Shockwave Flash Player ActiveX Object, which is automatically executed when the user opens the spreadsheet. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Microsoft Outlook Express versions 5.5 through 6 Description: The issue concerns a buffer overflow that allows remote attackers to execute arbitrary code. This is achieved through a crafted Windows Address Book (WAB) file that contains certain Unicode strings and modified length values. Recommendations: For Microsoft Outlook Express versions 5.5 through 6, update to a version that contains a fix for this issue to prevent exploitation.